The Christ Hospital Health Network (“our,” “we,” or “us”). Safeguarding your privacy is essential to us. This Privacy Statement (“Notice”) provides you in detail about the information we gather, how we utilize it, the choices available to you, and other important information about the use of data collected through our Website.
Scope and Applicability
This Notice is applicable to information collected through our websites that either display this Notice or are linked to it, including but not limited to www.thechristhospital.com (referred to collectively as our “Website”). Additionally, this statement extends to information shared with us by approved partners and other third-party sources.
However, please note that this Notice does not cover (i) information collected offline or through websites and online services that do not link to or display this Notice, including third-party websites to which our online services may link, or (ii) individually identifiable information provided for the purposes of obtaining medical care, categorized as “Protected Health Information” or “PHI” under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), which is subject to The Christ Hospital Health Network’s Notice of Privacy Practices (the “HIPAA Notice”). The HIPAA Notice does not apply to information that is not PHI. This Notice supplements the HIPAA Notice. If there is a conflict between the HIPAA Notice and this Notice, the HIPAA Notice will apply.
Information You Voluntarily Share
We collect data that you directly provide to us. This includes information you might provide through signing up for newsletters, submitting forms for additional service information, or making donations to our Foundation. This data may encompass your name, email address, phone number, postal address, payment information (such as your credit card number, expiration date, and credit card security code), medical information or inquiries (not rising to the level of PHI protected by HIPAA), and any other details you choose to provide while using our Website. We may combine such information with information we already have about you.
The information you share with us is utilized to respond to your inquiries, process donations, and fulfill other purposes for which you provided the information. We will not employ this information for any purposes beyond those described in this Notice or without other prior notice or explanation available to you at the time of collection.
Automatic Collection via Third-Party Tools
We automatically collect and anonymize information about your visits to the Website, such as the frequency of visits, pages viewed, and the websites that referred you to our Website. We also may collect data such as: (1) your IP address; (2) your interactions with content; (3) date and time stamps; (4) device types; (5) click data; and (6) other user behaviors such as search field information. We may also collect certain location information when you use our Website. We aggregate this data, and may combine this data with other information we collect about you to better understand how visitors use our Websites, improve user experience, and help manage, maintain, and report on use of our Website.
We may use cookies, pixel tags, and similar technologies to automatically collect this information. The use of cookies and other technology, described below, allows us to make our Website more responsive to your needs by delivering a better and more personalized experience to you. We use these cookies to identify you as a valid user and to verify your acknowledgement of our Privacy statement.
We may employ specific third-party products or services with trusted Business Associates to gain better insights into how our Website is utilized. Our Business Associates collect such anonymized data with a high degree of trust and security.
Information from Service Providers
We may receive personal information about you from other sources and combine that with information we collect directly from you. For example, we may obtain information about you from service providers that we engage to perform services on our behalf, such as content delivery services, payment processors, and analytics, security and anti-fraud services. We may combine our first-party data, such as your email address or name, with other data. For example, If you opt-into receiving marketing emails from us and visit our Website through a link in one of those emails, we may combine the information we have collected with your activity on the Website.
Use of Information
- We may use the information we collect or that you provide to us, including personal information online to: Fulfill your requests for products, services or information;
- Send you information about additional clinical services or general wellness from us;
- Analyze the use of the Websites and user data to understand and improve the Websites;
- Provide services and/or marketing products or services;
- Conduct research using your information, which may be subject to your written authorization;
- Prevent potentially illegal or prohibited activities;
- Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
- Notify you when services updates are available and about changes to any products or services we offer or provide though them; and/or
- For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.
Pages we do not track
We do not use tracking technology on pages where we ask you for your financial data. These pages include, but are not limited to: The Christ Hospital Foundation Donation Page.
Sharing of Information
We may share the anonymized information, described previously as specified in this Notice or as otherwise indicated when the information is collected from you, with our trusted Business Associates. We will not sell, rent, or exchange this information. We will also not authorize our Business Associates to use this information for their commercial purposes without obtaining your consent.
Information Shared by Us
We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect:
- Corporate Affiliates: We may share information with parent, subsidiary, or affiliate entities within The Christ Hospital Health Network family. Any organization receiving this information must maintain its confidentiality and use it solely in accordance with this Notice.
- Business Associates: In the course of our operations, we may engage other companies and individuals to perform various functions on our behalf. For example, we may provide information as needed to companies responsible for hosting our Websites or delivering communications on our behalf. These Business Associates may have access to your information, but they are not permitted to use or disclose it for purposes beyond those required for providing services on our behalf or to comply with legal requirements. They are obligated to maintain the confidentiality of the information.
- Business Transfers: We may transfer your information as part of a transfer of the assets of the organization, merger, or consolidation, or in the unlikely event of bankruptcy, if such transfer is permissible under applicable law.
- Legal Obligations: We retain the right to disclose information if compelled by law or by a regulatory authority, including those governing higher education, subpoenas, court orders, legal process, law enforcement requests, and legal claims or government enquiries. We may also disclose information in response to investigations or enforcement actions related to improper or unlawful conduct associated with our Websites or other products. This includes, but is not limited to, situations that may involve potential threats to an individual's safety or privacy or the misuse of our Websites.
- With your consent or at your direction: We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction.
Security
Protecting your information is a priority for us, and we use commercially reasonable administrative, physical, and technical measures designed to protect your personal information from loss, theft, misuse or unauthorized access, disclosure, alteration, and destruction in accordance with HIPAA, to the extent applicable. However, it’s important to acknowledge that no website or internet transmission is entirely secure or error-free. We recommend that you take steps to safeguard your private information.
You acknowledge and agree that we are not responsible for the theft, destruction, or inadvertent disclosure of your personal information. In the unfortunate event that your personal information is compromised, we may notify you by e-mail (at our sole and absolute discretion) to the last e-mail address you have provided us in the most expedient time reasonable under the circumstances and if required by applicable law; provided, however, delays in notification may occur while we take necessary measures to determine the scope of any such incident and restore reasonable integrity to the system as well as for the legitimate needs of law enforcement if notification would impede a criminal investigation.
Email communications through our Website may not be encrypted, and there is a potential risk that unauthorized individuals may intercept email messages. The Christ Hospital Health Network and its affiliates are not responsible for the privacy and security of email messages, except for those stored within our system.
Retention of Information
We will keep your personal information for as long as necessary to fulfill the purposes we collected it for and in accordance with our internal document retention policy and any applicable law. We will retain and use personal information as long as necessary: (1) to respond to any questions, complaints or claims made by you or on your behalf; or (2) to keep records as required by law. Different retention periods apply for different types of personal information. For example, under state and federal law, we may be required to maintain some data that is specific to you and that may identify you, such as your medical records or other information. We may also have a legal basis or obligation to maintain medical and other information about you to provide care and treatment or to comply with our professional, legal, and other obligations.
Under some circumstances, we may anonymize your personal information so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.
Third-Party Links
Periodically, we may choose to include or provide third-party products or services on or linked to our Websites. These third-party websites have their own separate and independent privacy policies and practices. Consequently, we bear no responsibility or liability for the content and activities of these linked websites. You should review the privacy notices of all websites with which you interact.
California Residents and other State Rights
California Civil Code Section 1798.83 (California's “Shine the Light” law) permits users of our Website that are California residents and who provide personal information in obtaining products and services for personal, family, or household use to request certain information regarding our disclosure of personal information to third parties for their own direct marketing purposes. If applicable, this information would include the categories of personal information and the names and addresses of those businesses with which we shared your personal information with for the immediately prior calendar year. You may request this information once per calendar year. To make such a request, please contact us using the information below.
Children’s Online Privacy Protection Act
Except as otherwise indicated, The Christ Hospital Health Network does not knowingly or intentionally collect personal information from children under age 18. The content of our Website is directed at adults, and therefore this site is intended for use only by adults at least 18 years old. If you are under the age of 18, please consult a parent or guardian for help in using the Website.
We do not knowingly collect or solicit personal information from anyone who we know to be under the age of 13, or knowingly allow such persons to use the Website. Should we learn that someone under the age of 13 has submitted personal information through the Website, we will remove and destroy that personal information as soon as possible.
Accessing The Christ Hospital Health Network Platforms from Outside The United States
The Christ Hospital Health Network is headquartered in Ohio, United States. The services offered through our Websites are primarily directed at customers in the United States, which may not provide the same level of protection as the laws of your jurisdiction, to the extent you are a resident of a country other than the United States. By utilizing any part of our Website, you understand and consent to the transfer of your information to the United States and to third parties with whom we share it as described in this Notice.
Acceptance of Notice Terms
This Notice is integrated into and governed by the Terms and Conditions of Use. If you do not agree to the terms outlined in this Notice or the use of your information as detailed herein, please refrain from using our Website. Continued usage of our Website following changes to this Notice will be deemed as your acceptance of the revisions.
Updates
We reserve the right to amend this Notice at any time. When we update the Notice, we will revise the “Effective Date” above and post the revised Notice. We recommend that you review the Notice each time you visit the Website to stay informed of our privacy practices.
Consumers with Disabilities
To request this Notice in an alternative format, please reach out to us at the contact information provided below.
Reservation of Rights; Questions
By viewing and/or interacting with our Website, you consent, and we reserve the right, to have the data we collect from you be used as described in this Notice. Additionally, you consent, and we reserve the right, to have the data we collect from you be used in ways that are consistent with the then-current disclosed Notice regardless of when your data was collected (e.g., we can use your data in ways that are consistent with the current disclosed practices, but which may not be entirely consistent with the previously disclosed practices when your information was originally collected).
